<?php
require '../../common/initPage.php';
require '../../common/dbcon.php';
require '../../common/func.php';
require '../../common/showTips.php';
require '../../common/checkForm.php';

session_start();
unset($_SESSION['$errorTipArr']);
checkCookie($mysqlCon);
if(!empty($_GET['action'])&&$_GET['action']=='login') {
    //检查验证码正确与否
    if (strtolower(handledata($_POST['authcode'])) == $_SESSION['authcode']) {
        //检查是否传空值
        if (isnull($_POST)) {
            //正确无误，处理数据
            $id = handledata($_POST['id']);
            $loginUserInfo=queryInfoByID($mysqlCon,queryisNull,$id);
            if (!empty($loginUserInfo)) {
                $keySalt = $loginUserInfo[7];
                if($loginUserInfo[6]!=5){
                    $pwd = enpwd(handledata($_POST['pwd']), $keySalt);
                    if ($pwd==$loginUserInfo[2]) {
                        //是否记住登录
                        if (!empty($_POST['keepLogin'])) {
                            setcookie('id', $id, time() + 3600, '/');
                            setcookie('key', $pwd, time() + 3600, '/');
                        }
                        //更改最后登录时间
                        upULLT($mysqlCon,updateULLT,$id);
                        //清除一个月内的回收站消息
                        deleteUser($mysqlCon,deleMess,$id);
                        $loginUnReadMessInfo=queryUnReadMess($mysqlCon,queryBrowseLNewButUnRead,$id);
                        //保存用户信息并以用户IP地址作为令牌
                        loginSuccess($_SERVER['REMOTE_ADDR'], $loginUserInfo,$loginUnReadMessInfo);
                    } else {
                        $_SESSION['$errorTipArr'][]='密码错误';
                    }
                }else{
                    $_SESSION['$errorTipArr'][]='用户已被封禁，可向管理员申请解封';
                }
            } else {
                $_SESSION['$errorTipArr'][]='用户不存在';
            }
        } else {
            //不合规，输出错误
            if (!$_POST['name']) $_SESSION['$errorTipArr'][]= '用户名不能为空';
            if (!$_POST['pwd']) $_SESSION['$errorTipArr'][]= '密码不能为空';
        }
    }else{
        $_SESSION['$errorTipArr'][]= '验证码不正确';
    }
}
require '../../views/public/login.html';